Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.mft
File: 1kBlpUFdmUI5AUXyJHkB2TZFidc.mft (raw, json)
Hash identifier: cFWmJIuSWkc1jLAb+ycvogpkpN2/6/h/cx6omlWkxlw=
Subject key identifier: 81:CA:A4:DF:7F:24:B4:5D:F1:35:DD:30:A0:08:A2:9B:A3:16:61:9D
Authority key identifier: D6:40:65:A5:41:5D:99:42:39:01:45:F2:24:79:01:D9:36:45:89:D7
Certificate issuer: /CN=d64065a5415d9942390145f2247901d9364589d7
Certificate serial: 01963876F4446A5D87E9C54472D57C7119B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kBlpUFdmUI5AUXyJHkB2TZFidc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.mft
Manifest number: 09C3
Signing time: Tue 15 Apr 2025 08:00:41 +0000
Manifest this update: Tue 15 Apr 2025 08:00:41 +0000
Manifest next update: Wed 16 Apr 2025 08:00:41 +0000
Files and hashes: 1: 1kBlpUFdmUI5AUXyJHkB2TZFidc.crl (hash: dhgt9y7SC3zmQtpiUQlTqyKcQwmvpOhq+JKzyjyWqn8=)
2: 6rPFWOjVfpn28_M8t16r5KAzkLA.roa (hash: wER3Gq8nSGCzekLgZFtgVD/F8/GF6EezM87XvHZecI4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1kBlpUFdmUI5AUXyJHkB2TZFidc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:76:f4:44:6a:5d:87:e9:c5:44:72:d5:7c:71:19:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d64065a5415d9942390145f2247901d9364589d7
Validity
Not Before: Apr 15 08:00:41 2025 GMT
Not After : Apr 16 08:00:41 2025 GMT
Subject: CN=81caa4df7f24b45df135dd30a008a29ba316619d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:d7:d6:11:07:86:c5:17:f1:ad:c7:89:09:
8c:8f:ce:52:13:21:d9:bc:19:a4:52:03:4a:d2:3e:
42:22:bf:d2:14:6a:fb:21:5d:f5:2b:1d:e8:91:a5:
b1:91:7f:cc:4f:c2:4c:be:c3:51:ab:17:6a:fd:12:
1b:4d:89:26:97:75:14:da:7b:e6:ab:13:46:3b:d9:
44:9f:3f:3b:37:cb:3e:62:ba:40:81:bc:7a:bd:ef:
b6:ae:ce:ec:cb:33:56:5c:ef:c3:b2:af:f2:e0:e5:
a4:9c:e9:68:f2:6f:4d:63:e7:80:f0:7e:6a:cb:06:
bd:61:99:1b:c8:b9:af:d6:04:01:dc:1c:9b:21:9d:
85:d2:71:27:32:a1:86:13:d5:0b:eb:83:64:b6:42:
d2:97:55:55:56:cf:d3:51:bf:1c:2d:04:7a:b8:c1:
fc:4c:67:19:b8:96:74:f2:14:a8:f2:94:63:c4:14:
14:bd:92:9b:aa:18:da:b2:08:68:75:9c:0a:53:cc:
f1:c6:fc:b1:f9:88:fe:81:52:6a:87:51:e8:35:58:
23:00:c3:ae:af:73:9b:60:2e:88:60:b9:c1:21:14:
27:dd:ea:58:91:47:0c:96:a9:42:a8:6e:76:ff:bf:
df:11:88:21:4a:28:80:e1:11:66:6b:df:8e:a4:5f:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CA:A4:DF:7F:24:B4:5D:F1:35:DD:30:A0:08:A2:9B:A3:16:61:9D
X509v3 Authority Key Identifier:
keyid:D6:40:65:A5:41:5D:99:42:39:01:45:F2:24:79:01:D9:36:45:89:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kBlpUFdmUI5AUXyJHkB2TZFidc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9a2d86-0f5e-446b-ad29-f8af2d0ae28c/1/1kBlpUFdmUI5AUXyJHkB2TZFidc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:4f:69:f4:73:1d:a0:ea:0a:8c:d2:ae:0f:94:9f:ff:6a:27:
a1:fa:8e:27:f8:65:a4:34:74:d5:bb:08:e9:9b:73:1f:9b:be:
65:ea:80:5c:93:4d:8a:67:9d:ae:b9:ad:93:fc:0f:8d:5a:29:
14:0d:24:dc:82:82:79:63:b0:ac:c3:51:d9:19:da:04:28:b1:
8a:f4:2e:ed:83:61:f3:15:67:2d:ac:19:bb:38:b4:7f:7b:17:
81:1d:78:ea:85:43:42:78:b2:54:82:84:3e:22:ce:5b:f7:b0:
7e:55:59:a3:67:8d:8e:88:b0:6a:70:42:be:c6:4c:1d:67:bc:
ec:74:42:c4:55:44:3b:fc:9c:14:02:2b:f2:50:f0:b5:de:c8:
ce:42:76:5e:a2:b6:12:1e:af:5d:00:c0:23:03:9a:10:c2:c4:
8b:05:f2:ee:14:2a:08:4f:31:20:07:7c:61:4e:a1:77:ad:d9:
b5:7c:7b:92:0a:0e:53:ca:31:6c:52:e2:5c:7b:46:d0:55:fe:
45:56:df:85:ee:f4:20:66:93:29:4f:50:64:98:66:49:80:bd:
2d:fa:0d:dd:e5:ca:12:94:71:55:f6:de:f0:59:27:6f:57:d6:
94:b3:fa:c8:a7:4a:7d:d1:09:bc:b4:c7:5d:fa:1b:25:0b:48:
21:e8:47:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY4dvREal2H6cVEctV8cRm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDA2NWE1NDE1ZDk5NDIzOTAxNDVmMjI0NzkwMWQ5MzY0
NTg5ZDcwHhcNMjUwNDE1MDgwMDQxWhcNMjUwNDE2MDgwMDQxWjAzMTEwLwYDVQQD
Eyg4MWNhYTRkZjdmMjRiNDVkZjEzNWRkMzBhMDA4YTI5YmEzMTY2MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUzX1hEHhsUX8a3HiQmMj85SEyHZ
vBmkUgNK0j5CIr/SFGr7IV31Kx3okaWxkX/MT8JMvsNRqxdq/RIbTYkml3UU2nvm
qxNGO9lEnz87N8s+YrpAgbx6ve+2rs7syzNWXO/Dsq/y4OWknOlo8m9NY+eA8H5q
ywa9YZkbyLmv1gQB3BybIZ2F0nEnMqGGE9UL64NktkLSl1VVVs/TUb8cLQR6uMH8
TGcZuJZ08hSo8pRjxBQUvZKbqhjasghodZwKU8zxxvyx+Yj+gVJqh1HoNVgjAMOu
r3ObYC6IYLnBIRQn3epYkUcMlqlCqG52/7/fEYghSiiA4RFma9+OpF8QvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHKpN9/JLRd8TXdMKAIopujFmGdMB8GA1UdIwQY
MBaAFNZAZaVBXZlCOQFF8iR5Adk2RYnXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtCbHBVRmRtVUk1QVVYeUpIa0IyVFpGaWRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85YTJkODYtMGY1ZS00NDZiLWFkMjkt
ZjhhZjJkMGFlMjhjLzEvMWtCbHBVRmRtVUk1QVVYeUpIa0IyVFpGaWRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85YTJkODYtMGY1ZS00NDZiLWFkMjktZjhhZjJkMGFlMjhj
LzEvMWtCbHBVRmRtVUk1QVVYeUpIa0IyVFpGaWRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZE9p9HMd
oOoKjNKuD5Sf/2onofqOJ/hlpDR01bsI6ZtzH5u+ZeqAXJNNimedrrmtk/wPjVop
FA0k3IKCeWOwrMNR2RnaBCixivQu7YNh8xVnLawZuzi0f3sXgR146oVDQniyVIKE
PiLOW/ewflVZo2eNjoiwanBCvsZMHWe87HRCxFVEO/ycFAIr8lDwtd7IzkJ2XqK2
Eh6vXQDAIwOaEMLEiwXy7hQqCE8xIAd8YU6hd63ZtXx7kgoOU8oxbFLiXHtG0FX+
RVbfhe70IGaTKU9QZJhmSYC9LfoN3eXKEpRxVfbe8Fknb1fWlLP6yKdKfdEJvLTH
XfobJQtIIehHZg==
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:36:29 2025 by rpki-client